Distributed authorization of identities in a dynamic connected environment
Abstract
Techniques include receiving, at a sensor, a request for authentication of an identity; determining, based on a distributed ledger, a dynamic credibility score for the identity; determining whether the dynamic credibility score for the identity can be validated by consensus by at least a subset of distributed verification services, based on whether the dynamic credibility score for the identity is within a range of variance from one or more credibility scores for the identity determined by the subset of the plurality of distributed verification services; and determining, based on whether the dynamic credibility score for the identity can be validated by consensus, whether to authorize the identity to perform the action in the blockchain network.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A non-transitory computer readable medium including instructions that, when executed by at least one processor, cause the at least one processor to dynamically authorize an action made by an identity in a dynamically connected networked environment, the operations comprising:
receiving, at a first sensor associated with a first verification service, from among a plurality of distributed verification services in a distributed network, a request for authorization of the action made by the identity, wherein the request includes no authentication information associated with the identity and the request is associated with a request to perform the action in the distributed network;
determining, based on a distributed ledger belonging to the distributed network, and maintained by a verification service and shared by the plurality of distributed verification services, a dynamic credibility score for the identity, the dynamic credibility score for the identity being based in part on a level of trust of the first sensor;
wherein the distributed ledger is developed based on receiving information associated with a plurality of different types of credibility-building actions taken by a user associated with the identity at a plurality of sensors associated with the plurality of distributed verification services, each of the plurality of sensors being configured with permissions data;
determining whether the dynamic credibility score for the identity can be validated by consensus by at least a subset of two or more of the plurality of distributed verification services, based on whether the dynamic credibility score for the identity is within a range of variance from one or more credibility scores for the identity determined by the subset of the plurality of distributed verification services; and
determining, based on whether the dynamic credibility score for the identity can be validated by consensus, whether to authorize the identity to perform the action in the distributed network, wherein at least one of the credibility score determination or the validation determination is made according to a level of trust associated with the first sensor.
2. The non-transitory computer readable medium of claim 1 , wherein the request includes no authentication credentials associated with the identity.
3. The non-transitory computer readable medium of claim 1 , wherein each of the plurality of distributed verification services is associated with one or more of the plurality of sensors.
4. The non-transitory computer readable medium of claim 3 , wherein each of the plurality of sensors is assigned a weight, wherein the weight determines an amount that one or more of the plurality of distributed verification services brings to the consensus.
5. The non-transitory computer readable medium of claim 1 , wherein the level of trust is based, at least in part, on the requested action.
6. The non-transitory computer readable medium of claim 1 , wherein the level of trust is based, at least in part, on an access-restricted resource associated with the verification service.
7. The non-transitory computer readable medium of claim 1 , wherein the first sensor comprises at least one of: a biometric sensor or an RFID transceiver.
8. The non-transitory computer readable medium of claim 1 , wherein the request for authorization is made by the identity.
9. The non-transitory computer readable medium of claim 1 , wherein the first verification service is verified to the distributed network that includes the plurality of distributed verification services.
10. The non-transitory computer readable medium of claim 1 , wherein authorizing the identity to perform the action in the distributed network comprises allowing the identity to access an access-restricted resource.
11. A computer-implemented method for dynamically authorizing an action made by an identity in a dynamically connected networked environment, the method comprising:
receiving, at a first sensor associated with a first verification service, from among a plurality of distributed verification services in a distributed network, a request for authorization of the action made by the identity, wherein the request includes no authentication information associated with the identity and the request is associated with a request to perform the action in the network;
determining, based on a distributed ledger belonging to the distributed network, and maintained by the first verification service and shared by the plurality of distributed verification services, a dynamic credibility score for the identity being based in part on a level of trust of the first sensor;
wherein the distributed ledger is developed based on receiving information associated with a plurality of different types of credibility-building actions taken by a user associated with the identity at a plurality of sensors associated with the plurality of distributed verification services, each of the plurality of sensors being configured with permissions data;
determining whether the dynamic credibility score for the identity can be validated by consensus by at least a subset of two or more of the plurality of distributed verification services, based on whether the dynamic credibility score for the identity is within a range of variance from one or more credibility scores for the identity determined by the subset of the plurality of distributed verification services; and
determining, based on whether the dynamic credibility score for the identity can be validated by consensus, whether to authorize the identity to perform the action in the distributed network, wherein at least one of the credibility score determination or the validation determination is made according to a level of trust associated with the first sensor.
12. The computer-implemented method of claim 11 , wherein determining the dynamic credibility score for the identity includes dynamically calculating the dynamic credibility score based on the level of trust associated with the first sensor.
13. The computer-implemented method of claim 12 , wherein determining whether the dynamic credibility score for the identity can be validated by consensus is based on the level of trust associated with the first sensor.
14. The computer-implemented method of claim 11 , wherein the first verification service is verified to the distributed network that includes the plurality of distributed verification services.
15. The computer-implemented method of claim 14 , wherein the identity has a contract with the distributed network that includes the dynamic credibility score for the identity.
16. The computer-implemented method of claim 11 , wherein the first sensor comprises an RFID transceiver at a physical access point to a building.
17. The computer-implemented method of claim 11 , wherein the first sensor comprises a biometric sensor of a computing device.
18. The computer-implemented method of claim 11 , wherein the first sensor comprises an input interface of an IoT device.
19. The computer-implemented method of claim 11 , wherein the credibility-building actions are received by a plurality of sensors, each credibility-building action being assigned a weight based on the level of trust associated with each of the plurality of sensors.
20. The computer-implemented method of claim 19 , wherein authorizing the identity to perform the action in the distributed network comprises allowing the identity to access an access-restricted resource.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.